<?php
    @session_start();
    function login($id, $password)       // login function with two parameter $userid and $password
    {
    require_once("inc/db.class.php");
        $password=md5($password);           //convert the password to md5 encrypted form
        $database1= new database();
            $query_select="select * from users where email='$id' and password='$password' " ;
            $column=$database1->get_record_array($query_select);
            if($id==$column['email'] && $password==$column['password'])
            {
                $_SESSION['usr_nmbr']=$column['id'];
                $_SESSION['logged_in']=true;
                $_SESSION['user_role']=$column['user_role'];
                $_SESSION['username']=$column['first_name']." ".$column['last_name'];
                $_SESSION['first_name'] = $column['first_name'];
                $_SESSION['last_name'] = $column['last_name'];
                $_SESSION['email'] = $column['email'];
                $_SESSION['allow_write'] = true;
                return 'allow';
                //return "log in";
            }
            else
            {
                return 'incorrect_password';
            }
    }
?>